Can Lan and WLan connect to different networks?

Hello,

Yes you can have them both at the same time but the trick is to have them on different subnets and only have one gateway. The gateway address is used to designate what ip address you use to get to the internet. Different subnets would be say one network is set up for 192.168.1.X with netmask 255.255.255.0 and the other is set up for 192.168.2.X with netmask 255.255.255.0.

Lets say router 1 is set up as 192.168.1.1 and router 2 is set up at 192.168.2.1. To connect your laptop to both you would need to either turn off your wireless card.

OR to use the wireless connected to router 1 as your internet connection, give the lan connection a fixed IP with no gateway address filled in. This will for any traffic for the internet to go out through the gateway on the wireless.

Does that makes sense?

Hi Rodney,

Thanks for the reply. I understand what you mean but I have 2 networks. And I know something's wrong with my settings and it may have something to do with ZoneAlarm or my cards config and I don't know how to go about it.

In ZA's Zones, I have two Trusted IP Addresses listed as DHCP Servers
192.168.1.1 (Router 1) and 10.0.0.1 (Router 2)

and two Trusted Networks listed
192.168.1.0/255.255.255.0 (on Router 1) and 10.0.0.0/255.255.255.0 (on Router 2 with wireless disabled)

On my laptop in question (Acer Aspire One)
Ethernet is configured as:
DHCP Disabled, 10.0.0.3/255.255.255.0, Gateway 10.0.0.1, DNS 10.0.0.1

and Wireless is "manually: configured as:
192.168.1.49/255.255.255.0, Gateway 192.168.1.1, DNS 192.168.1.1, WINS is blank

if I enable DHCP config, it looks like this:
DHCP & Autoconfig Enabled, 192.168.1.3/255.255.255.0, Gateway/DHCP/DNS Servers 192.168.1.1

I can only connect to the internet via LAN (on Router 2) even if both Network Status shows "Connected".

On my son's laptop (an old Gateway), he can connect wirelessly (on Router 1) and via LAN (on Router 2) with the LAN taking precedence. His card config is the same except for the assigned IPs for the LAN and WAN. But I blocked his LAN service to protect/secure my own laptop behind it.

I'm a bit confused. What could be wrong with my Acer?

Again thanks in advance.

CMaker3

Hello,

Yes you can have them both at the same time but the trick is to have them on different subnets and only have one gateway. The gateway address is used to designate what ip address you use to get to the internet. Different subnets would be say one network is set up for 192.168.1.X with netmask 255.255.255.0 and the other is set up for 192.168.2.X with netmask 255.255.255.0.

Lets say router 1 is set up as 192.168.1.1 and router 2 is set up at 192.168.2.1. To connect your laptop to both you would need to either turn off your wireless card.

OR to use the wireless connected to router 1 as your internet connection, give the lan connection a fixed IP with no gateway address filled in. This will for any traffic for the internet to go out through the gateway on the wireless.

Does that makes sense?

Hello,

A couple of questions just to get a clear picture.

Are both routers connected to another router or modem that connects them to the internet?

You are running Windows (a guess) from a dos prompt what does ipconfig tell you?

With your sons laptop connected to both networks, from a dos prompt what does a traceroute to an internet address show (traceroute 4.2.2.2)?

Router 1 is the gateway to the internet on network 192.168.1.0/255.255.255.0.

Router 2 is just a lan network (10.0.0.0/255.255.255.0) that separates me (my laptop running Win7 Pro), and provide some sort of security from my spouse and kids who connect to internet wirelessly on Router 1 (2 macbooks and 1 laptop running WinXP Home SP3).

Now, the laptop (Acer Aspire) with the problem runs WinXP Home SP3 and is a spare laptop that I connect to the lan on Router 2. At times I don't use it and my son takes it away from my lan on Router 2 (disconnects) and uses it for games, media streaming, etc. using the wireless connection on Router 1.

Here's the results of the ipconfig on the laptop (Acer Aspire) in question:

Windows IP Configuration

Host Name . . . . . . . . . . . . : SPARE_NTBK
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Physical Address. . . . . . . . . : HIDDEN
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 192.168.1.49
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC
Physical Address. . . . . . . . . : HIDDEN
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.1

Here's the results from traceroute 4.2.2.2 on my son's laptop, a Gateway also running WinXP Home SP3:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\hgfriend3>tracert 4.2.2.2

Tracing route to vnsc-bak.sys.gtei.net [4.2.2.2]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 10.0.0.1
2 1 ms <1 ms <1 ms 192.168.1.1
3 * * * Request timed out.
4 7 ms 7 ms 5 ms gig-0-3-0-7-nycmnyc-rtr01.nyc.rr.com [24.29.157.174]
5 21 ms 11 ms 11 ms tenge-0-7-0-2-nyquny91-rtr001.nyc.rr.com [24.29.119.142]
6 9 ms * * bun6-nyquny91-rtr002.nyc.rr.com [24.29.148.254]

7 7 ms 8 ms 9 ms ae-3-0.cr0.nyc20.tbone.rr.com [66.109.6.76]
8 10 ms 7 ms 8 ms ae-0-0.pr0.nyc30.tbone.rr.com [66.109.6.159]
9 8 ms 7 ms 7 ms xe-11-3-3.edge2.Newark1.Level3.net [4.28.190.93]

10 9 ms 18 ms 17 ms ae-31-51.ebr1.Newark1.Level3.net [4.69.156.30]
11 9 ms 11 ms 11 ms ae-2-2.ebr1.NewYork1.Level3.net [4.69.132.97]
12 15 ms 17 ms 18 ms ae-71-71.csw2.NewYork1.Level3.net [4.69.134.70]

13 9 ms 9 ms 9 ms ae-21-70.car1.NewYork1.Level3.net [4.69.155.67]

14 10 ms 9 ms 10 ms vnsc-bak.sys.gtei.net [4.2.2.2]

Trace complete.

Hope this helps. Thanks... again. :-)

CMaker3

Hello,

A couple of questions just to get a clear picture.

Are both routers connected to another router or modem that connects them to the internet?

You are running Windows (a guess) from a dos prompt what does ipconfig tell you?

With your sons laptop connected to both networks, from a dos prompt what does a traceroute to an internet address show (traceroute 4.2.2.2)?

Hello,

That helps a lot and I think I can provide a solution. If you go in and change the LAN settings on the system and remove the gateway on the 10.0.0.1 network (or if it forces you to have and address use 192.168.1.1). you should be able to use the laptop on the internet while connected to the LAN. The problem is coming from having two gateways. To a computer the gateway is the IP address that the system must use to reach any IP address outside of your sub-net. Your primary sub-net is 192.168.1.1 - 192.168.1.255 and 10.0.0.1-10.0.0.255 is your private backbone that does not connect to the internet. By having two gateways you are telling the system to send packets through two separate portals at the same time and it does not know how to label the packets so the Internets response will come back to the right place.

I am a little confused on the setup.

You said in the original post:

192.168.1.1 (Router 1) and 10.0.0.1 (Router 2)

I can only connect to the internet via LAN (on Router 2) even if both Network Status shows "Connected".

And in the latest post:

Router 1 is the gateway to the internet on network 192.168.1.0/255.255.255.0.

Router 2 is just a lan network (10.0.0.0/255.255.255.0) that separates me (my laptop running Win7 Pro), and provide some sort of security from my spouse and kids who connect to internet wirelessly on Router 1 (2 macbooks and 1 laptop running WinXP Home SP3).

In one statement you said that you could connect to the internet via the router on the private network but the traceroute shows only the 192.168.1.1 network connected to the internet. If you look it shows (line 1) the system trying to send via 10.0.0.1 and a moment later trying to send via the 192.168.1.1 network (line 2). Then it shows the failed route on the 10.0.0.1 gateway (line 3 ) and then the successful route out the gateway on the 192.168.1.1 (on line 4 and continued on down). How do I know which is which? I honestly don't but I am willing to bet that if you disconnect one of the networks and do the traceroute you will get no route on 10.0 and a route on 192.168. Does that makes sense?

Lets just say just like you can't physically exit your house through two different doors without tearing your self apart, neither can info to the internet.

As a side note you can connect your 10.0.0.1 routers WAN port to one of the LAN ports on your 192.168.1.1 router and keep the network private by the subnet being different and keeping the firewall enabled. You will be able to see and use the internet as well as see their computers but they will not be able to see you unless you want them to (see DMZ settings in router manuals).

I hope this was not too long and makes sense. If not you can ask what-ever here or send me a private message and I should respond in 24 hours. I hope I was able to help.

Sorry for not being able to reply. Work calls.

Lets just say just like you can't physically exit your house through two different doors without tearing your self apart, neither can info to the internet.

LOL, I love this one. It can't be any clearer than this.

I do have to apologize because I've still got so much to learn on networking (a love of my life that I can't get a grip on). When I set up Router 2 (using the Netgear app or wizard) I thought that it was all automatically taken cared of. And that my private network or backbone was set to connect to the internet via the only gateway which is on Router 1. Router 2 is hardwired to Router 1. Apparently it's not, as you've explained.

As a side note you can connect your 10.0.0.1 routers WAN port to one of the LAN ports on your 192.168.1.1 router and keep the network private by the subnet being different and keeping the firewall enabled.

I have not enabled WAN on Router 2 (10.0.0.1) thinking that I don't need it since I'm hardwired to Router 1, and I don't want any "strays" on my private network. I have also disabled "Broadcast SSID".

So how do I correct the situation? And do I have to do this to all laptops/pcs on both networks?

Can you clarify this next question? I setup a network on Router 1 (192.168.1.1) although I'd think that Router 1 is just a gateway. Is this correct?

Thanks for all the help. I hope I'll be able to fix this. And the fun is in getting my hands "dirty". :-)

CMaker3

Hi,
I am new to this forum and while reading the answers something stuck in my mind.
This is just a suggestion because I didn't tried it myself. Lan and WLAN can be connected to different networks using Proxy Servers. I am not sure how? But it can be done I think.

Hi Rodney,

Thanks for the reply. I understand what you mean but I have 2 networks. And I know something's wrong with my settings and it may have something to do with ZoneAlarm or my cards config and I don't know how to go about it.

In ZA's Zones, I have two Trusted IP Addresses listed as DHCP Servers
192.168.1.1 (Router 1) and 10.0.0.1 (Router 2)

and two Trusted Networks listed
192.168.1.0/255.255.255.0 (on Router 1) and 10.0.0.0/255.255.255.0 (on Router 2 with wireless disabled)

On my laptop in question (Acer Aspire One)
Ethernet is configured as:
DHCP Disabled, 10.0.0.3/255.255.255.0, Gateway 10.0.0.1, DNS 10.0.0.1

and Wireless is "manually: configured as:
192.168.1.49/255.255.255.0, Gateway 192.168.1.1, DNS 192.168.1.1, WINS is blank

if I enable DHCP config, it looks like this:
DHCP & Autoconfig Enabled, 192.168.1.3/255.255.255.0, Gateway/DHCP/DNS Servers 192.168.1.1

I can only connect to the internet via LAN (on Router 2) even if both Network Status shows "Connected".

On my son's laptop (an old Gateway), he can connect wirelessly (on Router 1) and via LAN (on Router 2) with the LAN taking precedence. His card config is the same except for the assigned IPs for the LAN and WAN. But I blocked his LAN service to protect/secure my own laptop behind it.

I'm a bit confused. What could be wrong with my Acer?

Again thanks in advance.

CMaker3

The first thing I see wrong with this is having a manual setting for your wireless card. If you want to have that static address for your wireless card, you may need to go into the settings of Router 1 and assign that address to your MAC address. It looks like those routers are netgears?

If it's a netgear router, you can log into Router 1 and it would be under the advanced setting. I think it would be the LAN IP Setup to assign a static address to your wireless MAC card.

DNS doesn't look right either. Generally the DNS address comes from the ISP. You could also try using 8.8.8.8 and 8.8.4.4 as secondary for DNS which is googles.

Hello,

You have to kind of think of networks in layers. Each layer connected to and protected from the ones below by your router and firewall. If you set up your 10.0.0.1 network so the LAN is using DHCP and the WAN is set to get an address via DHCP from the next router down stream, then run a wire from the WAN port to any LAN port on your Family router 192.168.1.1. You private network will be protected from your family network, and in turn from the internet, by it's firewall.

You probably have your family router connected via the WAN port to the modem (DSL or Cable) to Your ISP. This will be fine and your family is then protected from the internet by the Family router's firewall. Each router adds information to the data you send telling the systems on the other end how to get the results back to you.

Something that may help is to remember that the internet and the network system came originally from phone networks and systems. Your computers IP address is like a old style phone extension (i.e. 817 555-1212 Ext 101) where the area code is the first router at your ISP, 555 is the second router or your family router, 1212 is the third or private router and the extension (101) is your computer. For you to call that number from anywhere you have to have all of the pieces. Anybody could call the business but without your extension they could not reach your phone at your desk.

Using the phone system model your computer sends out a packet with 101 on it then your private router adds more to the "route" back giving it the 1212 (and is also the reason they call them routers). Then the family router adds the 555 and the ISP router adds the 817 to give the returning information everything it needs to get back to you at your desk. In reality it is a little more complicated as each router is adding the IP address that the data came from as it passed through along with other information but it is the same concept. Think of the gateway as when you have to dial 9 to get an outside line. 9 is your gateway address or route to all the other phones in the world.

So lets say you ask the internet for google's home page and your computer sends a packet toward 74.125.227.18 to request the page. Since that is not in the 10.0.0 subnet your computer sends it to the gateway on your private router and includes 10.0.0.3 as your computers IP. Your private router would add the Private routers IP in your family network (lets say it is 192.168.1.100) to the data. The the family router adds the IP that your ISP gave your line to the data and so on and so on till it gets to the destination. The destination replies sending the data back down the path where the routers strip their address off and pass the data on down till it gets back to you.

The reason that you are protected from your family network is that one of the computers there would have to know that it needed to send (route) data to the router at IP 192.168.1.100 to get to your computer. Then it would have to know your computers IP address in the private network to have the router pass it on to you. But the only route it knows to get to any IP address that does not start with 192.168.1 is through the 192.168.1.1 address.

I hope I have not confused the issue more but that is my non techie explanation of IP addresses, subnets and routing. There are probably 50 people that will point out holes in how I described this but it is basically how it works.

Good Luck...

Hi Rodney,

A little confusing (at first) but not impossible to understand after digesting everything. Very good information.

I tried to do as you suggested in an earlier email

...If you go in and change the LAN settings on the system and remove the gateway on the 10.0.0.1 network (or if it forces you to have and address use 192.168.1.1). you should be able to use the laptop on the internet while connected to the LAN.

and I went to Router 2 (10.0.0.1) by accessing http://10.0.0.1/start/htm and checked it's status as follows:

Internet Port
MAC Address xx:xx:xx:7F
IP Address 192.168.1.5
DHCP DHCPClient
IP Subnet Mask 255.255.255.0
Domain Name Server 192.168.1.1

LAN Port
MAC Address xx:xx:xx:7E
IP Address 10.0.0.1
DHCP On
IP Subnet Mask 255.255.255.0

So I'm not really sure what I need to change since it looks like it's set as you suggested.

Let me also add because this may have something to do with my problem. The wireless icon on the systray of the Acer laptop in question says that I'm connected to the internet. But none of my browsers (IE and FF) can connect to it nor any other apps that require the internet like Avast Home AV.

Thanks again in advance.

Horace

Horace,

Have you tried it with the wireless off? If you are connected via the wire then you don't need the wireless. Wire is faster and more stable than the wireless anyway.

Yes, whether I have wireless ON or OFF and the wire connected I can connect to the internet. It's just that when I'm wireless and off the wire I can't connect even if the wireless icon on the systray says I'm connected to the internet.

Horace,

Have you tried it with the wireless off? If you are connected via the wire then you don't need the wireless. Wire is faster and more stable than the wireless anyway.

We are getting there. Why not enable the wireless on the private router and enable WPA2 security and connect your laptop to it. Then we don't have to worry about gateway conflicts and you can use DHCP on the wireless connection also. For more protection (after you connect successfully one time and set the key) you can set the router Broadcast SSID to Not broadcast and to connect to your wireless they have to know the SSID and the pass-phrase.

Hi Rodney,

Yes I guess that will solve the issue. But then that doesn't solve my problem entirely. I think that in my first post I mentioned that my son sometimes borrows my laptop (the Acer in question) -- especially when I'm not around -- and wants to connect to the internet. In which case I don't want him within my private network while he's playing or streaming something.

I could of course put an "off limits" on the Acer but that defeats the purpose of this post.

I tried as you suggest to find out if I can do wireless from behind my private network (Router 2). I've already done the wireless security settings as you've suggested. I just Enabled Broadcast SSID, connected and got nothing. My wireless icon wasn't even connected. Could there be something wrong with my wireless card? How do I test that?

Thanks.

Horace

We are getting there. Why not enable the wireless on the private router and enable WPA2 security and connect your laptop to it. Then we don't have to worry about gateway conflicts and you can use DHCP on the wireless connection also. For more protection (after you connect successfully one time and set the key) you can set the router Broadcast SSID to Not broadcast and to connect to your wireless they have to know the SSID and the pass-phrase.